Fredrik Tolf

Actually experimenting a bit more with this, it appears that notification sounds work only when there is one single conversation in the notification. It seems to be 100% reproducible that...

Having found the [list of historical Steamworks SDKs for download](https://partner.steamgames.com/downloads/list), I found that this change was introduced in version 1.58a, currently the latest version.

Please correct me if I'm wrong, but the code you link to seems to be more about providing some explanatory text for *every* error, rather than, for example, categorizing errors...

While I can understand the "temporarily stolen key" scenario, I do wonder how well that is protected against as is. In particular, the availability of conditional mediation requires the use...

@sbweeden I do realize that conditional mediation doesn't strictly *require* long-lived challenges, but it does seem to be the assumption. For example, [from this very GitHub project](https://github.com/w3c/webauthn/wiki/Explainer:-WebAuthn-Conditional-UI): > Timeout values...

@emlun In my current implementation, I have in fact made challenges for conditional mediation unbounded in time. I think it would be quite weird if the login-prompt mysteriously stopped working...

@emlun >Agreed, but you can work around this by periodically refreshing the challenge and using an abort signal to cancel the timed-out conditional WebAuthn request and restart it with the...

@agl >While the implementation challenge is non-trivial for the browser, a challengeCallback of type () -> Promise as an alternative to challenge is interesting. Though I'm speaking from the RP...

>I'm only proposing it for conditional UI requests: [...] All of your concerns are surely reasonable in practice, but if a challenge callback is going to be part of the...

@timurnkey Clearly, I'm not the expert here (so the actual experts can feel very free to correct me), but my understanding is that the main circumstance where challenges for attestation...